The first Belgian blog dedicated to data privacy, intellectual property, new technologies and related issues, including legal, organizational and security aspects that are essential for citizens, corporations and public bodies.
The European Commission wants laws to be passed across Europe that would force telecoms companies to tell customers when personal data security has been breached. Security breach laws are common in the US but are still controversial. This directive is a part of a huge shake-up of the telecom regulations by the commission.
Even in the wake of the loss of 25 million UK residents' personal details last month the Information Commissioner's Office (ICO) cautioned that a poorly-drafted general security breach notification law would be counter-productive because a large number of notifications could make citizens complacent.
The Commission has published a proposal to amend the Privacy and Electronic Communications Directive, which is designed to ensure that EU citizens' privacy is not violated in telecoms networks.
A major proposal is that telecoms companies would be subject to a security breach notification law which would force them to tell customers when a privacy breach had occurred.
Our comment: For the moment the EU citizens have nearly no information about data thefts compared to their US counterparts. This proposal, will force the telecom market to invest in security in order to reduce the risk of privacy breach and to communicate about these events. But for the moment it is only for telecom companies. Why not for all and every data holder?
More information about the various positions about the new telecom package on euractiv and outlaw
Our Comment: This Google story undermines the complexity of the data privacy regulation in an international environment, based on a mix of national laws that are sometimes contradictory. This is not the end of the story, stay tuned...
The European Union has sent a letter asking US authorities to clarify how its new traveller security-screening system will use data on European citizens, with senior officials expressing concern it might violate an EU-US deal on data-protection. full story
Our comment: it seems that data protection and the data handled in the framework of air trips to USA is a never-ending story
Companies transferring personal data, such as lists of employees or customers, outside the European Union must comply with stringent European legal restrictions. To help businesses demonstrate their compliance, the International Chamber of Commerce (ICC) has taken the initiative to standardize the process across all 25 EU countries.
The ICC has produced a form which it hopes will become a standard across all member states. It awaits approval by EU data protection authority the EC Article 29 Data Protection Working Party.